Date: Wed, 19 Mar 2003 17:30:54 -0800
From: security@sco.com
To: bugtraq@securityfocus.com, announce@lists.caldera.com,
Subject: Security Update: [CSSA-2003-013.0] Linux: integer overflow vulnerability in XDR/RPC routines
--UHN/qo2QbUvPLonB
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
To: bugtraq@securityfocus.com announce@lists.caldera.com security-alerts@linuxsecurity.com
______________________________________________________________________________
SCO Security Advisory
Subject: Linux: integer overflow vulnerability in XDR/RPC routines
Advisory number: CSSA-2003-013.0
Issue date: 2003 March 19
Cross reference:
______________________________________________________________________________
1. Problem Description
The xdrmem_getbytes() function in the XDR library provided by
Sun Microsystems contains an integer overflow that can lead to
improperly sized dynamic memory allocation.
2. Vulnerable Supported Versions
System Package
----------------------------------------------------------------------
OpenLinux 3.1.1 Server prior to glibc-2.2.4-26.i386.rpm
prior to glibc-devel-2.2.4-26.i386.rpm
prior to glibc-devel-static-2.2.4-26.i386.rpm
prior to glibc-localedata-2.2.4-26.i386.rpm
OpenLinux 3.1.1 Workstation prior to glibc-2.2.4-26.i386.rpm
prior to glibc-devel-2.2.4-26.i386.rpm
prior to glibc-devel-static-2.2.4-26.i386.rpm
prior to glibc-localedata-2.2.4-26.i386.rpm
OpenLinux 3.1 Server prior to glibc-2.2.4-26.i386.rpm
prior to glibc-devel-2.2.4-26.i386.rpm
prior to glibc-devel-static-2.2.4-26.i386.rpm
prior to glibc-localedata-2.2.4-26.i386.rpm
OpenLinux 3.1 Workstation prior to glibc-2.2.4-26.i386.rpm
prior to glibc-devel-2.2.4-26.i386.rpm
prior to glibc-devel-static-2.2.4-26.i386.rpm
prior to glibc-localedata-2.2.4-26.i386.rpm
3. Solution
The proper solution is to install the latest packages. Many
customers find it easier to use the Caldera System Updater, called
cupdate (or kcupdate under the KDE environment), to update these
packages rather than downloading and installing them by hand.
4. OpenLinux 3.1.1 Server
4.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-013.0/RPMS
4.2 Packages
22c6bf3a5dc5423c57eea99f7fef610d glibc-2.2.4-26.i386.rpm
ec9c2ce3c84aee5256371fa23067a07b glibc-devel-2.2.4-26.i386.rpm
16f2585ecc1b33ff7d3ad9b38e7dcc9a glibc-devel-static-2.2.4-26.i386.rpm
c51af00de6e168ee6ae562d91e5db1d1 glibc-localedata-2.2.4-26.i386.rpm
4.3 Installation
rpm -Fvh glibc-2.2.4-26.i386.rpm
rpm -Fvh glibc-devel-2.2.4-26.i386.rpm
rpm -Fvh glibc-devel-static-2.2.4-26.i386.rpm
rpm -Fvh glibc-localedata-2.2.4-26.i386.rpm
4.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-013.0/SRPMS
4.5 Source Packages
67ba9387370089a15afd038ecc277e1e glibc-2.2.4-26.src.rpm
5. OpenLinux 3.1.1 Workstation
5.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-013.0/RPMS
5.2 Packages
5774225efb99e5401da7aceaf864206c glibc-2.2.4-26.i386.rpm
a1b8257b874681a45a6e89baf63f7b94 glibc-devel-2.2.4-26.i386.rpm
79311a60b66b2d62dc6ba4e7733dd58b glibc-devel-static-2.2.4-26.i386.rpm
294be611e6540c4a821e3a21e9782de1 glibc-localedata-2.2.4-26.i386.rpm
5.3 Installation
rpm -Fvh glibc-2.2.4-26.i386.rpm
rpm -Fvh glibc-devel-2.2.4-26.i386.rpm
rpm -Fvh glibc-devel-static-2.2.4-26.i386.rpm
rpm -Fvh glibc-localedata-2.2.4-26.i386.rpm
5.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-013.0/SRPMS
5.5 Source Packages
9acadcee5ab04b65760d047b1859c028 glibc-2.2.4-26.src.rpm
6. OpenLinux 3.1 Server
6.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-013.0/RPMS
6.2 Packages
4271adc975e6ebaaecb108d72cbb4760 glibc-2.2.4-26.i386.rpm
d549f0a97100dc9aadde9bf16e8344ee glibc-devel-2.2.4-26.i386.rpm
39f53de2a5c120564b6bafeb205c1081 glibc-devel-static-2.2.4-26.i386.rpm
50b0702cf93243af4905f79ed04a1d67 glibc-localedata-2.2.4-26.i386.rpm
6.3 Installation
rpm -Fvh glibc-2.2.4-26.i386.rpm
rpm -Fvh glibc-devel-2.2.4-26.i386.rpm
rpm -Fvh glibc-devel-static-2.2.4-26.i386.rpm
rpm -Fvh glibc-localedata-2.2.4-26.i386.rpm
6.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-013.0/SRPMS
6.5 Source Packages
caba33ff21c2881251bf5b3c5a2b4975 glibc-2.2.4-26.src.rpm
7. OpenLinux 3.1 Workstation
7.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-013.0/RPMS
7.2 Packages
a4278a559231b9511f00f5437cf87bf7 glibc-2.2.4-26.i386.rpm
acd97a4e0865adbea7581ae2e43be41b glibc-devel-2.2.4-26.i386.rpm
29b17471105d85724c77dc1d4b4be06e glibc-devel-static-2.2.4-26.i386.rpm
6ede9ea5f28ebe882395bb110fa9c7d3 glibc-localedata-2.2.4-26.i386.rpm
7.3 Installation
rpm -Fvh glibc-2.2.4-26.i386.rpm
rpm -Fvh glibc-devel-2.2.4-26.i386.rpm
rpm -Fvh glibc-devel-static-2.2.4-26.i386.rpm
rpm -Fvh glibc-localedata-2.2.4-26.i386.rpm
7.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-013.0/SRPMS
7.5 Source Packages
69bd935b0ead8c59d30f3ec61ea96d13 glibc-2.2.4-26.src.rpm
8. References
Specific references for this advisory:
http://www.kb.cert.org/vuls/id/516825http://www.cert.org/advisories/CA-2003-10.html
SCO security resources:
http://www.sco.com/support/security/index.html
This security fix closes SCO incidents sr872633, fz526862,
erg712183.
9. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.
10. Acknowledgements
Riley Hassell of eEye discovered and researched the xdrmem_getbytes
vulnerability.
______________________________________________________________________________
--UHN/qo2QbUvPLonB
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj55Gc4ACgkQbluZssSXDTGGXQCgvCDfzrjPo2S5LvWwzerOVXWt
yNoAn3caL+GayWh+egvqP+E2YzjLK65L
=zpxf
-----END PGP SIGNATURE-----
--UHN/qo2QbUvPLonB--
